Hardware Hacker Charged With Selling Cable Modems That Get Free Broadband

"You could do mad fraud off it," Swingler allegedly explained in another chat session. Swingler declined to comment for this story.

It's not clear how many modems Swingler has sold, but the online forum attached to his site boasts over 4,000 users, and the FBI's review of Swingler's PayPal account showed "numerous sales of modems to individuals around the world."

In July, FBI agent Milan Patel ordered a modem (.pdf) from Swingler and sent it to Motorola for analysis. The company verified for the FBI that the device had been hacked to allow users to change their MAC address.

Because the hacked modems have legitimate uses, Swingler's statements to the informant could make all the difference in the case, says Mark Rasch, a former Justice Department cybercrime prosecutor.

"I think the law is pretty clear that if you can convincingly say that you didn't know it was going to be used illegally, you shouldn't be prosecuted," says Rasch. "I don't think that argument will fly here."

The author of Hacking the Cable Modem: What Cable Companies Don't Want You to Know, who goes by the name DerEngel, says he's familiar with cablehack.net. Last year the site licensed DerEngel's custom cable-modem firmware, called Sigma, for a flat $150 fee. "They used to just steal it," he says.

Like cablehack.net, DerEngel's website sells pre-modded modems loaded with Sigma, which allows users to reconfigure the modem through a built-in web interface. Among other things, the custom interface lets users to change their MAC address. But DerEngel says he doesn't support fraud, and that MAC address tinkering has legitimate uses, and is just one step in the complicated process that allows a modem to get free, untraceable internet.

"I think that's morally wrong and probably illegal," DerEngel says. "There's a gray area there, but theft-of-service is a crime no matter where you're at."

According to the FBI, Swingler took up modem-modding after retiring from a career managing botnets — fleets of hacked computers used to steal consumer information and launch denial-of-service attacks.